Bug ID 1273845: Removing or manually adding TLS Certificate & Key on webUI removes whole TLS configuration

Last Modified: May 29, 2024

Affected Product(s):
F5OS None(all modules)

Known Affected Versions:
F5OS-A 1.4.0

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.7.0, F5OS-A 1.5.0

Opened: Mar 21, 2023

Severity: 3-Major

Symptoms

Manually adding TLS Certificate & Key on webUI instead of storing through Self-Signed Certificate or removing Certificate & Key removes TLS configuration, which includes verify-client and verify-client-depth.

Impact

Verify Client and Client Depth configuration of Certificate Authentication will be changed to default values which disables verification of httpd client certificates.

Conditions

- When there is an existing Verify Client and Client Depth configuration, and user tries to remove TLS Certificate & Key on Certificate Management screen on webUI. - When user fills the TLS Certificate & Key on Certificate Management screen on webUI.

Workaround

- Remove or Add TLS Certificate & Key through CLI. - While creating Self-Signed Certificate, set "Store TLS" field as true - Re-add Verify Client and Client Depth after removing or manually adding TLS Certificate & Key.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips